Dell

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2021-36320 1Dell 9X1008 Firmware X1008p FirmwareX1018 Firmware+6 more Nov 21, 2024 Nov 20, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Dell Networking X-Series firmware versions prior to 3.0.1.8 contain an authentication bypass vulnerability. A remote unauthenticated attacker may potentially hijack a session and access the webserver by forging the sessi...Show more Dell Networking X-Series firmware versions prior to 3.0.1.8 contain an authentication bypass vulnerability. A remote unauthenticated attacker may potentially hijack a session and access the webserver by forging the session ID.Show less
CVE-2021-36319 1Dell 1Networking Os10 Nov 21, 2024 Nov 20, 2021 N/A· v4 3.3 LOW· v3 2.1 LOW· v2 Dell Networking OS10 versions 10.4.3.x, 10.5.0.x and 10.5.1.x contain an information exposure vulnerability. A low privileged authenticated malicious user can gain access to SNMP authentication failure messages.
CVE-2021-36310 1Dell 1Networking Os10 Nov 21, 2024 Nov 20, 2021 N/A· v4 4.9 MEDIUM· v3 6.8 MEDIUM· v2 Dell Networking OS10, versions 10.4.3.x, 10.5.0.x, 10.5.1.x & 10.5.2.x, contain an uncontrolled resource consumption flaw in its API service. A high-privileged API user may potentially exploit this vulnerability, leading...Show more Dell Networking OS10, versions 10.4.3.x, 10.5.0.x, 10.5.1.x & 10.5.2.x, contain an uncontrolled resource consumption flaw in its API service. A high-privileged API user may potentially exploit this vulnerability, leading to a denial of service.Show less
CVE-2021-36308 1Dell 1Networking Os10 Nov 21, 2024 Nov 20, 2021 N/A· v4 9.8 CRITICAL· v3 9.3 HIGH· v2 Networking OS10, versions prior to October 2021 with Smart Fabric Services enabled, contains an authentication bypass vulnerability. A remote unauthenticated attacker could exploit this vulnerability to gain access and p...Show more Networking OS10, versions prior to October 2021 with Smart Fabric Services enabled, contains an authentication bypass vulnerability. A remote unauthenticated attacker could exploit this vulnerability to gain access and perform actions on the affected system.Show less
CVE-2021-36307 1Dell 1Networking Os10 Nov 21, 2024 Nov 20, 2021 N/A· v4 8.8 HIGH· v3 8.5 HIGH· v2 Networking OS10, versions prior to October 2021 with RESTCONF API enabled, contains a privilege escalation vulnerability. A malicious low privileged user with specific access to the API could potentially exploit this vul...Show more Networking OS10, versions prior to October 2021 with RESTCONF API enabled, contains a privilege escalation vulnerability. A malicious low privileged user with specific access to the API could potentially exploit this vulnerability to gain admin privileges on the affected system.Show less
CVE-2021-36306 1Dell 1Networking Os10 Nov 21, 2024 Nov 20, 2021 N/A· v4 9.8 CRITICAL· v3 9.3 HIGH· v2 Networking OS10, versions prior to October 2021 with RESTCONF API enabled, contains an authentication bypass vulnerability. A remote unauthenticated attacker could exploit this vulnerability to gain access and perform ac...Show more Networking OS10, versions prior to October 2021 with RESTCONF API enabled, contains an authentication bypass vulnerability. A remote unauthenticated attacker could exploit this vulnerability to gain access and perform actions on the affected system.Show less
CVE-2021-36325 1Dell 283Alienware 13 R3 Firmware Alienware 15 R3 FirmwareAlienware 15 R4 Firmware+280 more Nov 21, 2024 Nov 12, 2021 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
CVE-2021-36324 1Dell 283Alienware 13 R3 Firmware Alienware 15 R3 FirmwareAlienware 15 R4 Firmware+280 more Nov 21, 2024 Nov 12, 2021 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
CVE-2021-36323 1Dell 283Alienware 13 R3 Firmware Alienware 15 R3 FirmwareAlienware 15 R4 Firmware+280 more Nov 21, 2024 Nov 12, 2021 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
CVE-2021-36315 1Dell 19Emc Powerscale Nodes A100 Firmware Emc Powerscale Nodes A2000 FirmwareEmc Powerscale Nodes A200 Firmware+16 more Nov 21, 2024 Nov 12, 2021 N/A· v4 6.8 MEDIUM· v3 7.2 HIGH· v2 Dell EMC PowerScale Nodes contain a hardware design flaw. This may allow a local unauthenticated user to escalate privileges. This also affects Compliance mode and for Compliance mode clusters, is a critical vulnerabilit...Show more Dell EMC PowerScale Nodes contain a hardware design flaw. This may allow a local unauthenticated user to escalate privileges. This also affects Compliance mode and for Compliance mode clusters, is a critical vulnerability. Dell EMC recommends applying the workaround at your earliest opportunity.Show less
CVE-2021-36305 1Dell 1Emc Powerscale Onefs Nov 21, 2024 Nov 12, 2021 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 Dell PowerScale OneFS contains an Unsynchronized Access to Shared Data in a Multithreaded Context in SMB CA handling. An authenticated user of SMB on a cluster with CA could potentially exploit this vulnerability, leadin...Show more Dell PowerScale OneFS contains an Unsynchronized Access to Shared Data in a Multithreaded Context in SMB CA handling. An authenticated user of SMB on a cluster with CA could potentially exploit this vulnerability, leading to a denial of service over SMB.Show less
CVE-2021-21528 1Dell 1Emc Powerscale Onefs Nov 21, 2024 Nov 12, 2021 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Dell EMC PowerScale OneFS versions 9.1.0, 9.2.0.x, 9.2.1.x contain an Exposure of Information through Directory Listing vulnerability. This vulnerability is triggered when upgrading from a previous versions.
CVE-2021-36309 1Dell 1Enterprise Sonic Os Nov 21, 2024 Oct 1, 2021 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 Dell Enterprise SONiC OS, versions 3.3.0 and earlier, contains a sensitive information disclosure vulnerability. An authenticated malicious user with access to the system may use the TACACS\Radius credentials stored to r...Show more Dell Enterprise SONiC OS, versions 3.3.0 and earlier, contains a sensitive information disclosure vulnerability. An authenticated malicious user with access to the system may use the TACACS\Radius credentials stored to read sensitive information and use it in further attacks.Show less
CVE-2021-36298 1Dell 1Isilon Insightiq Firmware Nov 21, 2024 Oct 1, 2021 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Dell EMC InsightIQ, versions prior to 4.1.4, contain risky cryptographic algorithms in the SSH component. A remote unauthenticated attacker could potentially exploit this vulnerability leading to authentication bypass an...Show more Dell EMC InsightIQ, versions prior to 4.1.4, contain risky cryptographic algorithms in the SSH component. A remote unauthenticated attacker could potentially exploit this vulnerability leading to authentication bypass and remote takeover of the InsightIQ. This allows an attacker to take complete control of InsightIQ to affect services provided by SSH; so Dell recommends customers to upgrade at the earliest opportunity.Show less
CVE-2021-36297 1Dell 1Supportassist For Home Pcs Nov 21, 2024 Sep 28, 2021 N/A· v4 7.8 HIGH· v3 4.4 MEDIUM· v2 SupportAssist Client version 3.8 and 3.9 contains an Untrusted search path vulnerability that allows attackers to load an arbitrary .dll file via .dll planting/hijacking, only by a separate administrative action that is...Show more SupportAssist Client version 3.8 and 3.9 contains an Untrusted search path vulnerability that allows attackers to load an arbitrary .dll file via .dll planting/hijacking, only by a separate administrative action that is not a default part of the SOSInstallerTool.exe installation for executing arbitrary dll's,Show less
CVE-2021-36286 1Dell 1Supportassist Client Consumer Nov 21, 2024 Sep 28, 2021 N/A· v4 7.1 HIGH· v3 3.6 LOW· v2 Dell SupportAssist Client Consumer versions 3.9.13.0 and any versions prior to 3.9.13.0 contain an arbitrary file deletion vulnerability that can be exploited by using the Windows feature of NTFS called Symbolic links. S...Show more Dell SupportAssist Client Consumer versions 3.9.13.0 and any versions prior to 3.9.13.0 contain an arbitrary file deletion vulnerability that can be exploited by using the Windows feature of NTFS called Symbolic links. Symbolic links can be created by any(non-privileged) user under some object directories, but by themselves are not sufficient to successfully escalate privileges. However, combining them with a different object, such as the NTFS junction point allows for the exploitation. Support assist clean files functionality do not distinguish junction points from the physical folder and proceeds to clean the target of the junction that allows nonprivileged users to create junction points and delete arbitrary files on the system which can be accessed only by the admin.Show less
CVE-2021-36285 1Dell 21Latitude 5310 2 In 1 Firmware Latitude 5320 FirmwareLatitude 5400 Firmware+18 more Nov 21, 2024 Sep 28, 2021 N/A· v4 4.4 MEDIUM· v3 2.1 LOW· v2 Dell BIOS contains an Improper Restriction of Excessive Authentication Attempts vulnerability. A local authenticated malicious administrator could exploit this vulnerability to bypass excessive NVMe password attempt miti...Show more Dell BIOS contains an Improper Restriction of Excessive Authentication Attempts vulnerability. A local authenticated malicious administrator could exploit this vulnerability to bypass excessive NVMe password attempt mitigations in order to carry out a brute force attack.Show less
CVE-2021-36284 1Dell 21Latitude 5310 2 In 1 Firmware Latitude 5320 FirmwareLatitude 5400 Firmware+18 more Nov 21, 2024 Sep 28, 2021 N/A· v4 4.4 MEDIUM· v3 2.1 LOW· v2 Dell BIOS contains an Improper Restriction of Excessive Authentication Attempts vulnerability. A local authenticated malicious administrator could exploit this vulnerability to bypass excessive admin password attempt mit...Show more Dell BIOS contains an Improper Restriction of Excessive Authentication Attempts vulnerability. A local authenticated malicious administrator could exploit this vulnerability to bypass excessive admin password attempt mitigations in order to carry out a brute force attack.Show less
CVE-2021-36283 1Dell 85Chengming 3990 Firmware Chengming 3991 FirmwareG3 15 3500 Firmware+82 more Nov 21, 2024 Sep 28, 2021 N/A· v4 6.7 MEDIUM· v3 7.2 HIGH· v2 Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
CVE-2021-21570 1Dell 1Emc Networker Nov 21, 2024 Sep 28, 2021 N/A· v4 4.9 MEDIUM· v3 4.0 MEDIUM· v2 Dell NetWorker, versions 18.x and 19.x contain an Information disclosure vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and gain access to unauth...Show more Dell NetWorker, versions 18.x and 19.x contain an Information disclosure vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and gain access to unauthorized information.Show less

Previous 1...545556...76 Next